Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/rKqbvBRxaa_Qi9ASgxRQF-OX-_w.roa
File: rKqbvBRxaa_Qi9ASgxRQF-OX-_w.roa (raw, json)
Hash identifier: wWq1izK5w4WXApNDVXwoXlEFNpJ2eCjmOXY8hQFLmlo=
Subject key identifier: AC:AA:9B:BC:14:71:69:AF:D0:8B:D0:12:83:14:50:17:E3:97:FB:FC
Certificate issuer: /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial: 01900C5D38DF3FAB2E63178E5297AA4BA86F
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/rKqbvBRxaa_Qi9ASgxRQF-OX-_w.roa
Signing time: Wed 12 Jun 2024 12:12:34 +0000
ROA not before: Wed 12 Jun 2024 12:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43519
IP address blocks: 51.149.0.0/24 maxlen: 24
51.149.1.0/24 maxlen: 24
51.149.254.0/24 maxlen: 24
51.149.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0c:5d:38:df:3f:ab:2e:63:17:8e:52:97:aa:4b:a8:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Validity
Not Before: Jun 12 12:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acaa9bbc147169afd08bd01283145017e397fbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:2e:76:56:a9:f6:c8:4d:f1:24:00:91:0d:
bb:cc:49:ca:d6:8b:7e:03:24:3f:df:be:12:70:ae:
a3:a3:e3:8c:61:be:33:eb:52:e3:58:55:56:d7:e9:
47:71:64:f7:ba:f3:4c:d0:70:9b:3c:6c:b8:13:3a:
03:d8:0e:ab:8f:3d:48:ac:32:dd:ae:01:f3:8e:66:
65:13:94:56:be:99:7b:f0:a7:1f:5c:98:c1:76:39:
16:e0:bc:5c:2c:72:b0:74:16:ce:c8:fa:f4:e9:6d:
53:14:6c:7e:74:81:d3:fd:5b:97:7e:13:8d:ee:20:
94:a3:1e:aa:eb:51:db:63:95:ae:a7:b1:5d:db:ed:
1c:59:f7:9e:01:48:6b:34:38:f7:e8:cf:11:84:38:
2b:8d:88:46:5c:7f:9d:a2:6c:47:bf:d1:72:fc:c8:
ea:fd:33:fc:c1:17:90:d1:cf:2e:b6:e2:38:98:8a:
44:c1:1d:55:d5:55:a2:5f:5d:f4:f7:48:b1:b7:55:
b6:a0:d5:c6:39:31:a9:07:07:11:6e:c6:af:72:e3:
27:8d:b9:4a:91:77:00:61:04:75:f4:ff:d6:fc:3a:
75:50:fd:83:b3:b8:0a:a5:97:23:69:6e:8c:bb:fa:
4c:34:e6:b1:21:ed:28:83:15:4d:a8:ae:1d:b5:9c:
ef:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:AA:9B:BC:14:71:69:AF:D0:8B:D0:12:83:14:50:17:E3:97:FB:FC
X509v3 Authority Key Identifier:
keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/rKqbvBRxaa_Qi9ASgxRQF-OX-_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.149.0.0/23
51.149.254.0/23
Signature Algorithm: sha256WithRSAEncryption
08:ac:b4:e7:cf:da:b8:ba:ea:ee:8f:db:1f:72:11:b4:d6:ce:
cb:dc:e4:4c:31:3d:f9:cf:9a:e0:95:22:90:54:9b:cb:d3:33:
2e:81:df:b5:ac:e3:91:24:09:f7:35:62:a2:31:9b:af:b3:ef:
54:12:b2:9e:a7:55:ac:fa:49:84:2c:f4:5b:59:f1:0a:e8:c2:
55:cc:c6:c2:9a:bb:dd:71:8e:55:1a:00:45:2d:66:f8:19:d8:
ba:e1:9c:fd:22:6c:8e:fe:db:cd:6b:23:00:f0:1b:3c:26:92:
8a:fd:35:32:cc:3e:1e:ee:5b:80:d6:9e:e0:b6:a7:cd:d9:43:
30:61:f5:5c:07:f2:8a:ab:2d:33:90:72:29:63:cb:0d:2c:fa:
fe:5f:25:47:39:75:d0:48:61:e1:dd:86:90:c7:a0:47:21:66:
02:ab:54:1f:46:dd:3b:f4:f7:4a:73:f8:92:9b:0c:89:38:6d:
d7:71:e6:88:35:fd:79:6e:54:d0:a4:60:b9:30:36:8d:2d:12:
05:4e:4a:b9:de:ad:ab:fd:34:ed:cb:35:78:8b:0d:38:ca:f6:
4a:ea:7c:85:c4:24:ad:b9:8f:5c:59:f1:4a:20:47:98:2b:b5:
fa:bd:49:d9:d8:aa:04:b7:05:dd:a6:d7:45:ee:57:05:4b:7c:
ee:55:f4:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAMXTjfP6suYxeOUpeqS6hvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjQwNjEyMTIxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2FhOWJiYzE0NzE2OWFmZDA4YmQwMTI4MzE0NTAxN2UzOTdmYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGsudlap9shN8SQAkQ27zEnK1ot+
AyQ/374ScK6jo+OMYb4z61LjWFVW1+lHcWT3uvNM0HCbPGy4EzoD2A6rjz1IrDLd
rgHzjmZlE5RWvpl78KcfXJjBdjkW4LxcLHKwdBbOyPr06W1TFGx+dIHT/VuXfhON
7iCUox6q61HbY5Wup7Fd2+0cWfeeAUhrNDj36M8RhDgrjYhGXH+domxHv9Fy/Mjq
/TP8wReQ0c8utuI4mIpEwR1V1VWiX13090ixt1W2oNXGOTGpBwcRbsavcuMnjblK
kXcAYQR19P/W/Dp1UP2Ds7gKpZcjaW6Mu/pMNOaxIe0ogxVNqK4dtZzvXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyqm7wUcWmv0IvQEoMUUBfjl/v8MB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvcktxYnZCUnhhYV9RaTlBU2d4UlFGLU9YLV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYtZWQ0ZjA2NDNiZjI1
LzEvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBM5UAAwQB
M5X+MA0GCSqGSIb3DQEBCwUAA4IBAQAIrLTnz9q4uuruj9sfchG01s7L3ORMMT35
z5rglSKQVJvL0zMugd+1rOORJAn3NWKiMZuvs+9UErKep1Ws+kmELPRbWfEK6MJV
zMbCmrvdcY5VGgBFLWb4Gdi64Zz9ImyO/tvNayMA8Bs8JpKK/TUyzD4e7luA1p7g
tqfN2UMwYfVcB/KKqy0zkHIpY8sNLPr+XyVHOXXQSGHh3YaQx6BHIWYCq1QfRt07
9PdKc/iSmwyJOG3XceaINf15blTQpGC5MDaNLRIFTkq53q2r/TTtyzV4iw04yvZK
6nyFxCStuY9cWfFKIEeYK7X6vUnZ2KoEtwXdptdF7lcFS3zuVfQJ
-----END CERTIFICATE-----
Generated at Wed Jun 26 11:35:24 2024 by rpki-client on console-fra.rpki-client.org